How your passwords can be stolen by AI listening to your keystrokes

How your passwords can be stolen by AI listening to your keystrokes

Learn about this scary new technique and how you can protect yourself

by Kurt Knutsson

Imagine typing your password on your computer and having an AI listen to every keystroke and accurately guess what you are typing. This is not a sci-fi scenario but a real possibility, according to a new study by a team of researchers in the UK.

They reported that AI can listen to the keystrokes you make on your computer and steal your passwords with up to 95% accuracy. Let’s dive into this disturbing new information and see how you can protect yourself from this unfortunate situation.

 

How AI can eavesdrop on your keyboard 

When the researchers tested an AI model listening to keystrokes, they trained the model on the intensity, waveform, and time of each keystroke. The model listened for the keystrokes on a MacBook Pro and was able to repeat them with up to 95% accuracy.

However, having the model focus on the intensity, waveform, and time of every keystroke means that AI will analyze the way you are typing and not how loud your keyboard sounds while you’re typing.

There’s no need to rush out and get a brand-new keyboard that you think will sound quieter than the one you already have. The research team also tested this theory during a Zoom call and a Skype call, and each ended with the AI model reproducing keystrokes with over 90% accuracy. A Zoom spokesperson had this to say regarding those findings,

Zoom takes the privacy and security of our users seriously. In addition to the mitigation techniques suggested by the researchers, Zoom users can also configure our background noise suppression feature to a higher setting, mute their microphone by default when joining a meeting, and mute their microphone when typing during a meeting to help keep their information more secure.

1-TYPINGThis means that AI can potentially steal your passwords or other sensitive data by simply listening to your keystrokes, even if you are not showing your screen or keyboard during a video call. This is a serious security threat that could expose your online accounts to hackers. 

 

MORE: APPLE’S REPLACEMENT FOR THE PASSWORD 

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter.

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.
Tips to avoid our newsletters going to your junk folder

 

How hackers can use your microphone to steal your passwords 

A hacker can simply use this technique or method by installing malware on your devices with a microphone, such as your laptop or smartphone.

Once the malware is installed, it can gather data from your previous keystrokes and then feed them to an AI model, which will then use your microphone to listen in and repeat those same keystrokes to get your passwords.

Although this is a more complicated way for a hacker to get password information out of you, it’s not impossible, and you should still take precautionary measures to protect yourself from this potential threat.

 

How to keep yourself safe from AI replicating your keystrokes

Turn off your microphone on a PC or Mac

If you want to safeguard your privacy by disabling the microphone on your PC or Mac to prevent potential eavesdropping, ensuring that sensitive activities like typing passwords remains secure from AI-driven listening.

On a Mac:
  • Select System Preferences in your dock
  • Click Security & Privacy or it might be listed as Privacy & Security
  • Scroll down and click Microphone to see which programs and apps have access to these functions
  • Check or uncheck apps or programs you wish to give or deny access to the microphone
On a PC:
  • Select Start 
  • Go to Settings 
  • Select Privacy & security
  • Click Microphone
  • In Allow access to the microphone on this device, select Change and make sure Microphone access for this device is turned on.
  • In Microphone settings, go to Allow apps to access your microphone and make sure it’s turned on.
  • Once you’ve allowed microphone access to your apps, you can change the settings for each app. In Microphone settings, go to Choose which Microsoft apps can access your microphone, and turn on apps you want to use with it.
  • For desktop apps, make sure that Allow desktop apps to access your microphone is turned on.

 

Have white noise play in the background

Another suggestion is having white noise or even software-based keystroke audio filters playing in the background while typing on your keyboard.

 

Use strong and unique passwords

Use strong and unique passwords for your online accounts and change them periodically. A password manager can be a vital tool in preventing AI intrusions for two main reasons.

First, it consolidates all your passwords, automatically populating login fields, eliminating the need for you to recall or manually type them. This reduces the chance of AI detecting or predicting your keystrokes.

Second, password managers generate and safeguard intricate passwords for every account. This means that even if a hacker compromises one password, your other accounts remain secure and untouched.

My #1 pick for password manager is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.

Best Password Managers expert reviewed for 2023

 

Use 2-factor authentication

Another way to protect yourself from AI getting your passwords is by using 2-factor authentication. Having 2-factor authentication will add an extra shield that will prevent AI from getting into your account even if it guesses a keystroke correctly.

This usually comes in the form of having to provide extra information like confirming with a text message, email, or even on a separate 2FA app such as Microsoft authenticator.

With 2FA in place, AI won’t be able to successfully steal your passwords with just a simple keystroke. Look into using 2-factor authentication on all your devices and accounts if it is available.  

3-MAN ON COMPUTER

MORE: ARE YOUR PASSWORDS SAFE? 

 

Have strong antivirus software on all your devices

Keeping hackers and AI models out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, which is the first step a hacker might use to get that AI model to record your keystrokes. 

Special for CyberGuy Readers:  My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Read my review of best antivirus picks here

Best Antivirus Protection 2024

 

Kurt’s key takeaways

Ultimately, getting a new keyboard is not the solution to avoiding AI models stealing your keystrokes. The best you can do is follow all my suggestions above and make sure you’re regularly checking all your accounts to spot any suspicious activity. This is a scary scenario; however, it can likely be avoided as long as you are vigilant and attentive to your information.

What more could AI companies like OpenAI be doing to make sure that hackers can’t use their models to assist them with malicious activity? Let us know by commenting below.

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Related:

 

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

30 comments

Patti August 16, 2023 - 8:10 am

What about face recognition??

Reply
Kurt-Knutsson
Kurt Knutsson August 16, 2023 - 2:52 pm

Yes – another good option!

Reply

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder